Are you ready for GDPR?

Discover your hidden risks before the May 25 deadline

See where private information flows within your organisation

Stay GDPR compliant as your business changes

The EU General Data Protection Regulation

On the 25th of May 2018, the European Union General Data Protection Regulation (EU GDPR) comes into force. The aim of the GDPR is to protect the personal information of EU citizens and make it easier for organizations to understand and comply with data protection rules.

The legislation affects all organisations processing personal information or offering goods and services to people within the EU, even if your organization does not have a location in the EU. Cases of non-compliance will be treated with significant financial penalties; 20 million Euros or 4% of your worldwide annual revenue.

GDPR key points

Privacy: An individual’s personal information such as name, email address, financial or medical details, and even IP address, must be safeguarded in all products and services.

Data Custodianship: Personal information must be traceable through an organisation; How the information is collected, stored, processed and accessed must be known. Additionally personal data may be retained for only as long as an organisation absolutely needs it. Once that data is no longer needed, the regulation requires that the data should be destroyed or anonymized.

Consent: Organisations must gain consent to use and process an individual’s personal information. It must be clearly communicated to the individual what their information is going to be used for.

Right To Revoke: Individuals can revoke their consent for an organisation to use their personal information. They may also request for their personal information to be deleted.

Breach Notification Requirements: Along with the requirements around keeping users’ information safe, the GDPR also includes binding and rigorous data breach notification rules.

LINQ – GDPR the easy way

LINQ is an information flow modelling tool that can be applied to your GDPR challenge immediately.

Personal data

Easily trace the use of personal data within your organisation with upstream and downstream flow modelling.

Storage location

Discover where personal information is processed and stored, mapping which of your systems are subject to GDPR.

Collection, usage and disposal

Identify information collection (who or what collected it), usage (for what purpose) and disposal (what is its lifetime).

Trust boundaries

Record when and to whom personal information is transferred out of your organisation.